ESET NOD32 failed to protect us. Other options?

Windows XP:
One of our employees got infected by a virus. It hid his entire folder structure including all programs. He works remotly so he took it to a local computer repair shop. They said he was virused and it got through a fully updated ESET NOD32 and was somewhat stopped by Spybot.

The computer repair place was unable to tell me the name of the virus or where it came from. I need to start looking into something more robust. This user uses our VPN and we cannot risk our severs being infected by one of our VPN users.

We have 6 servers (mix of W2K3 and W2K8) and 15 clients running NOD32 at the moment.

There is, unfortunately, no 100% solution. I use a combination of trend an MalwareAntibytes, But the only guarantee is a good backup. If possible, a real time backup. If you have a good backup solution, even if not real time, the worst case is 1 day lost. With the advent of multi Terrabyte USB drives, a fairly inexpensive, reliable backup solution is possible. Even real time. There are also multi TB network drive available.

Not knowing where your mail comes from, if you run an in-house mail solution, take a look at Barracuda for a reasonable Anti-SPAM, anti email virus solution.

But no one solution is 100% because the virus software company must respond to a new threat, and release a pattern file and you must implement the new pattern file before you are covered, Another issue is user education. If a user clicks on a file he thinks is from a friend that is actually spoofed, there is no defense AV solution or not. Make regular images of your user's PCs to be able to re-image an infected PC rapidly.

And keep your fingers crossed - even Microsoft and the Federal government get hit occasionally.

Featured Post

WatchGuard is currently running a beta program for our new macOS Host Sensor for our Threat Detection and Response service. We're looking for more macOS users to help provide insight and feedback to help us make the product even better. Please sign up for our beta program today!